Skip to content
BarcodeForge

Security

Browser-side generation

Barcode generation runs in your browser using JavaScript. Your barcode data does not leave your device during basic generation. No server-side storage of barcode values occurs.

Input handling

All user inputs are validated and sanitized before rendering. SVG output is generated programmatically to prevent script injection. Input length limits are enforced.

File uploads

CSV uploads for batch generation are limited to 5 MB. Files are read in the browser only. File contents are not uploaded to external servers for processing.

HTTPS

All traffic is served over HTTPS. Content Security Policy headers are implemented to reduce XSS risk.

Reporting

To report a security issue, use the contact page.